For Information on 8 November 1999 Legislative Council Information Technology and Broadcasting Panel Rectification Work of Y2K Compliance and Contingency Planning of Critical Systems and Equipment of Urban Services Department Purpose This paper reports the latest progress of USD in rectifying the Y2K problem in its mission-critical systems and equipment and its contingency plans to cope with Y2K-induced incidents. Overall Progress 2. In planning and implementing the rectification work of the Y2K problem, USD has strictly followed the guidelines of ITSD, EMSD and OFTA. The Y2K rectification work and testing of all critical IT systems, embedded systems and line communication systems were all successfully completed in June 1999. Please refer to the Appendix for details. 3. To further ensure that all mission-critical IT systems are Y2K compliant, USD has arranged simulated Y2K-compliance tests (Y2K Day) for all mission-critical IT systems in a production environment. Tests were conducted between July and September 1999, and all systems have successfully passed the tests. 4. As for the embedded systems and line communication systems, the Department requested that all mission-critical systems and equipment should have the written confirmation of the contractors or the maintenance contractors to ensure they are Y2K compliant. Besides, additional on-site Y2K audit tests on these systems and equipment were also arranged to verify the rectification work conducted by third parties. To ensure a prompt remedy for any system and equipment failure caused by the Y2K problem, special arrangement has been made with EMSD for
- - 2 an on-site Y2K emergency team to be stationed at critical USD buildings round the clock during Y2K critical periods. Departmental Working Groups and Supporting Services 5. USD attaches great importance to the resolution of the Y2K problem. A central support team, led by the Assistant Director (Information Technology) and responsible for coordinating and supervising all Y2K-related work, has been set up in the Information Technology Centre. Furthermore, each of the four branches of USD has its own Y2K task force to oversee the progress of Y2K rectification work within the branch. In addition, a 24-hour departmental support hotline has been set up since July 1999 to provide prompt response to enquiries and requests for assistance in regard to the Y2K problem raised. Contingency Plan 6. The contingency plans for all mission-critical systems and equipment have been well formulated by USD to avoid any possible disruption caused by the Y2K problem on the Department s services to the public. The contingency plans should state clearly how to provide services to the public in case of any services disruptions caused by the Y2K problem. Contingency measures to be adopted include fall back manual systems, paper-based backup copies, additional standby manpower. For instance, hard copies of all important ticketing and financial information of URBTIX will be printed two days before the critical date. After the end of ticketing services on the day before the critical date, ticket sales information in all performance venues will be copied to the seat plans which will be distributed to the ticketing outlets. In addition, the system will make additional backup copies. The backup computer system in the disaster recovery centre will also be started to cope with any contingencies. If the main computer system and backup computer system break down simultaneously because of the Y2K problem, the system date will be reset for system recovery. If the system is still unable to recover, the ticketing offices would operate manually according to the ticketing information printouts and continue to provide door sales and seven days advance booking services for the performances at the arts venues. In addition, the Provisional Urban Council Public
- - 3 Library Automation System will make additional backup copies on the date before the critical date. In the event of the system disruption due to Y2K problem, the system date will be reset so that the system can partially be resumed to support library daily operation, e.g. providing online catalogue access services, etc. This arrangement, together with manual fall back plans, will enable the service to the public uninterrupted. 7. The risk factors of critical business partners and basic utility services have also been taken into consideration when preparing the contingency plans. For example, the IT Centre of USD has been equipped with backup power supply system. If territory-wide power supply was interrupted, the power supply to the IT Centre would be switched to an independent backup power generator immediately. Furthermore, a backup data communication network has been set up for the mission-critical IT systems. If the primary network failed due to Y2K problem, the systems would be switched to the disaster recovery centre via the backup network. 8. All contingency plans have been audited by the Department s central support team. The Department has also arranged drill exercises for all contingency plans to test their feasibility and provide front end staff with an opportunity to carry out the plans for practice. All drill exercises have been completed in October this year. Y2K Emergency Command Centre 9. A Y2K Emergency Command Centre has been set up in the Department to provide effective control and coordination over branches and sections during the rollover to the Y2K critical dates. The Command Centre is responsible for monitoring of all mission-critical systems and equipment and keeping a close contact with the Y2K Central Co-ordinating Centre. 10. The Command Centre starts functioning 7 days before the Y2K critical dates and operates round the clock on the critical date and the day before. The tasks include all of the followings:! remind all staff to stay alert on the critical dates and avoid
- - 4 enhancement or maintenance work of systems and equipment! reserve manpower and resources for contingencies! ensure any preparation for the contingency plans has properly started! work out the processing timetable of the mission-critical IT systems on the critical dates and the days before! ensure the preparation of the list of action items for the systems and equipment on the critical dates! ensure important computer records are printed and kept properly and additional backup for important information and programmes are done! ensure the readiness of backup computer systems In the meantime, USD will establish an attendance system according to the guidelines of ITSD for all mission-critical systems and equipment and front end staff and line managers are required to attend all the missioncritical systems and equipment on the critical dates such as the period between 31 December 1999 to 3 January 2000 such that any Y2Kinduced failures can be tackled promptly. 11. The Command Centre will closely monitor all mission-critical systems and equipment on the critical dates. When a Y2K incident is suspected, the staff will notify the Command Centre of the details of the incident and the corresponding actions through the Y2K hotline. The Command Centre will report the progress of the incident to the Director of Urban Services and the Y2K Central Co-ordinating Centre. The Department will execute the contingency plan if the system fails to recover within the specified time. In the morning of the critical dates, the Command Centre will conduct wellness check for all missioncritical systems and equipment to ensure they function properly. The latest progress will be reported to the Director and the Central Coordinating Centre. Urban Services Department November 1999
Appendix Progress of Y2K Rectification Work for Mission-critical Systems and Equipment in USD (As at 1 November 1999) Type of Mission-critical Systems and Equipment (A) Systems and equipment confirmed to be Y2K compliant by manufacturers or contractors. (B) Systems and equipment certified to be Y2K compliant after upgrading, rectification and testing. (C) Systems and equipment which will be Y2K compliant after clock resets / Systems and equipment which have not been confirmed to be Y2K compliant by suppliers but have been proved to be Y2K compliant after detailed testing. Mission- Critical Computer Systems 5 (27.8%) Note 1 11 (61.1%) Note 2 2 (11.1%) Note 3 Mission- Critical Embedded Systems Mission-Critical Line Communication Systems 247 (86.4%) 18 (85.7%) Note 4 38 (13.3%) 1 (4.8%) Note 5 1 (0.3%) 2 (9.5%) Total 18 (100.0%) 286 (100.0%) 21 (100.0%)
Note 1: Systems confirmed to be Y2K compliant by manufacturers or contractors : 1. Cemeteries and Crematoria Services Computer system 2. PUC Chamber Conference and Voting System 3. PUC Secretariat Office Automation and Document Retrieval System 4. USD Office Automation and Document Retrieval System 5. Museum Pass System Note 2: Systems certified to be Y2K compliant after upgrading, rectification and testing: 1. Urban Ticketing system for Cultural Programmes (URBTIX) 2. Sports Facilities Booking and Ticketing System (SPORTIX) 3. Box Office Management Information System (BOMIS) 4. Municipal Services Grades Management System 5. USD Hotline Computer System 6. Transport Management Information System 7. Licence / Permit System 8. Hawker License System 9. Market Stalls Rental System 10. Payment of Creditors System 11. Revenue Collection System
Note 3: Systems and equipment which will be Y2K compliant after clock resets / systems and equipment which have not been confirmed to be Y2K compliant by suppliers but have been proved to be Y2K compliant after detailed testing: 1. Library Automation System 2. PC Backup System for Library Automation System Note 4: Among the 18 critical line communication systems, the commercial telephone system in the former Hong Kong Museum of History (HKMH) has ceased to be in operation after relocation and has been replaced by a Y2Kcompliant one in the new HKMH. Note 5: The interactive voice response system of USD hotline.